- 积分
- 106
- 鸿鹄币
- 个
- 好评度
- 点
- 精华
- 注册时间
- 2014-4-9
- 最后登录
- 1970-1-1
- 阅读权限
- 20
- 听众
- 收听
助理工程师
|
海外,88X 分过的,考试时故意错了几个题。参考了坛子里多个版本 (alomar,lining7, romantictriv等),在这里一并感谢。 感觉Alomar的124Q是最好的,因为有截图。Romantictriv的125Q VCE适合考前练习,没有截图,不便于记忆。
1 N& P; u0 H8 [7 j( a$ |4 `% g$ z针对124Q的一些答案,我有自己的看法,在这里列出来,供后来者参考。记得是参考!!, g: b/ S- L8 `
Q2,Which criteria does ASA use for packet classificaton if multiple contexts share an ingrss interface MAC address?
, z( [7 d4 G# ^+ N: s3 B( CF, ASA NAT configuration
8 J1 p; n' D0 q, @* j/ v0 {5 n Z1 ~1 y r8 `: y3 `; ^! e/ O
Q18, SenderBase reputation scoring?
$ I! U2 ~$ b: Z) [3 |4 S9 u- WD, You can configure a custom score threshold for whitelisting messages
& k0 r+ }* R2 x7 t3 Z7 b5 J4 f4 o# x* _5 v, `
Q19. Router(config)# cts sxp reconsiliation period 180
" p; E- @- v2 Q% }3 g9 i# HB, If a peer reconects to the device within 120 seconds of terminating..
: H" [& e8 T8 l* xC. If a peer re-establiehes a conneciton to the device before hold-down timer expires....
8 s; X* }! P2 |6 s2 _. N% q
; h8 m) G# r- j. GQ27. which statement about securing conneciton using MACsee is true?. G3 W) H3 ^- R6 S
这个比较纠结,答案F it provides network layer encryption on a wired network 显然是错的,应该是MAC layer的加密
0 ?* j6 P' O M7 Q& ]+ L, {) n貌似可能的答案:5 `7 ]8 E& L1 N* `! o) x, \: I
C. a switch use session keys to calculate encrypted packet ICV value..问题是,交换机是先decrypt packet之后再计算的ICV value% y& m/ v8 Q! n* I7 |4 {
D. switch configured for MACSec can accept MACSec frame from the MACSec client. 考前我觉得应该是这个,因为A device that uses MACsec accepts either MACsec or non-MACsec frames, depending on the policy associated with the client.但考试的时候答案稍微不同,多了一个字:switch configured for MACSec can ONLY accept MACSec frame from the MACSec client.6 d1 N2 l8 ~ p* u) Y
$ J1 `. i! u% U0 H
Q41 which statement about Remote Triggerd Black Hoel
/ a' `! _7 G# g: m2 s/ r' s0 k/ kE. it drops malicious traffic at the customer edge router by forwading it to a Null0 interface# A$ L: F( \9 `( I4 K
D显然是错的,因为RTBH可以基于source (RFC5635)或destination (RFC3883)做
2 I) [9 P! x& ~ a% v; x* L2 h) [/ ^# C S; Q2 w* Y$ H/ v
Q42 which statement about Cisco VSG functionality
4 h+ g( P# z( b9 u2 n; m: HE. it provides trusted access to VMs in an enterprise data center 其实这个答案也不太对,但别的的答案都是明显错,比如7 B; O) U: I9 Q \3 J
A it allows..security administrator to author and manage port profile - 应该是network administrato才能管理port profile,所以不对
, c2 ^: J; h" ]: p, A
; {# h' b3 V# u# ~4 A; n0 e5 CQ52 which 3 similarities between container and virtual machines?; t6 N5 d+ z3 M$ {) q/ Y4 O
A. prviate space for processing, E. private network address F. allow custom routes 这是来自freecodecampe网站的一段原话6 f& I7 n) f9 H0 e" D) j
# R2 Q9 @3 {4 ?0 I
Q58 in order to enable CA featue using SCEP, which 3 confguration steps$ H! ~. b+ u5 ~9 B Q N5 ~
B. set an authoritative clock source E. enable ip http server F. issue no shut under the crypto ski CCO上的参考配置8 O2 m0 Y+ M3 L+ c7 p4 y- e
5 ]9 C* [3 `& _# _) U8 z
Q74 which security capablility cn best prevent zero-day malware and attacks?
* A2 j0 o* k' [9 V) `B. threat intelligent. 不太可能是A. IPS 因为这里针对的是zero-day的malware
5 o- n9 m; l+ p7 p9 e) {- [ u# M, S1 L; T+ M( a1 D
Q90 configuring URL Redirect for Cisco ISE posture validation, you need to create redirect ACL's on switch and WLC, you will
3 \8 E9 {. |" m |B. Permit traffic to ISE on the switch ACL and deny traffic to ISE in the WLC ACL. 这个应该是实现redirect的标准做法,其它都不对4 g' M7 D6 }6 ~; ` ~% ]# r0 D
; T( k1 [0 m+ V! oQ99 which of the following statement aobut CisocTrustSec is incorect
$ j- l3 B* J" l8 K- IA. SXP is required for SGT propogation SGT propogation还有另外一种方式 (硬件支持)
" e1 ~+ \' p) P( ]
+ [) ?8 ]) l0 w! j; W) \- H2 @) D2 sQ109 which statement correctly describe how DMVPN can be used to provide nework segmentation
4 f% E1 O% X* t" L( ZB DVMPN can be used to transport MPLS packets inside of an mGRC tunnel
; {" Z# b0 B V8 {% _
- W% _: j( \9 q再次强调,这个是我个人的判断,仅供参考。祝考试顺利。" z# t3 j6 l. i3 K" ]" a3 r7 V% E
4 [' p! j$ ~' V/ q- `. k3 I
* d4 Q5 h' U' F- O- o- S b$ `3 Y( E
|
评分
-
查看全部评分
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2019-12-8 23:10:03
置顶卡
喧嚣卡
变色卡
千斤顶
成长值: 9430